This week, a division of Scotland’s National Health Service (NHS) was hit by a cyber attack, potentially disrupting services and exposing patient and employee data. Meanwhile, a researcher revealed a…
Category: Cyber Security
The “GhostRace” speculative execution attack impacts all CPU and operating system vendors
Researchers at IBM and VU Amsterdam have developed a new attack that exploits speculative execution mechanisms in modern computer processors to bypass checks in operating systems against so-called race conditions.…
Nissan Oceania hacked; 100,000 people affected in Australia
A possible ransomware attack against Nissan has revealed personal information belonging to around 100,000 people in Australia and New Zealand. The Japanese vehicle maker has a troubled history with cyberattacks,…
GhostRace – New data leak vulnerability affects modern CPUs
March 15, 2024PressroomHardware security/data protection A group of researchers has discovered a new data leak attack that targets modern CPU architectures that support speculative execution. Nicknamed GhostRace (CVE-2024-2193), is a…
6 CISO Conclusions from the NSA Zero-Trust Guide
The reality of cybersecurity for businesses is that adversaries continually compromise systems and networks, and even well-managed breach prevention programs often face attackers within their perimeters. On March 5, the…
What is the best solution for the 10 common Infosec tasks?
In late 2023, I wrote an article comparing how well ChatGPT and Google Bard handle writing security policies. Given that ChatGPT 4.0 has been available as a paid version, called…
Heated seats? Advanced telematics? Software-defined cars carry risks
Driven by the promise of new revenue lines and lower production costs, automakers are eagerly transforming vehicles into next-generation application platforms. Increasingly, organizations that manage fleets or have transportation as…
Third-party ChatGPT plugins could lead to account takeovers
March 15, 2024PressroomData Privacy/Artificial Intelligence Cybersecurity researchers have discovered that third-party plugins available for OpenAI ChatGPT could serve as a new attack surface for threat actors looking to gain unauthorized…
How to identify a cyber adversary: what to look for
COMMENT Cyber incident attribution gets a lot of attention, for good reason. Identifying the actors behind an attack allows legal or political action to be taken against the adversary and…
Google introduces advanced real-time URL protection for Chrome users
March 15, 2024PressroomBrowser security/phishing attack Google on Thursday announced an improved version of Safe Browsing to provide real-time URL protection, preserving privacy and safeguarding users from visiting potentially harmful sites.…